Performance Audit relating to Power Sector PSUs · developed by Tata Consultancy Services (TCS) with Oracle as the database on a centralised platform comprising of four Modules namely,

Performance Audit relating

to

Power Sector PSUs

Highlights

The process of migration of consumer data from Power Computerised Billing

System (CBS) to SAP was not documented. The Company did not provide

any formal training to its regular staff, being the intended System Users.

(Paragraph 2.7 and 2.9)

Deficiencies in the Meter Billing Collection (MBC) and Customer

Relationship Management (CRM) Modules led to various anomalies such as

non-interfacing of the System with Common Meter Reading Instrument

(CMRI), absence of provision for automatic calculation of processing fee,

wrong billing of fixed charges due to incorrect conversion of KW into KVA,

non-updation of Geographical Information System database leading to

overloading of distribution transformers, delay in release of new service

connections due to absence of necessary system alert etc.

(Paragraph 2.11, 2.12, 2.13, 2.16 and 2.17)

Incorrect mapping of business rules as well as lack of adequate validation

checks in the System resulted in excess recovery of power factor penalty,

incorrect billing of fixed/energy charges and wrong categorisation of

consumers leading to allowance of government subsidy to ineligible

consumers, etc.

(Paragraph 2.20, 2.21 and 2.22)

Lack of adequate application controls in the System resulted in acceptance of

unusual meter numbers, processing of unusual transactions, duplicate

generation of bills, etc.

(Paragraph 2.25, 2.28 and 2.30)

Performance Audit on Computerised Electricity Billing System in Assam

Power Distribution Company Limited

CHAPTER II

PERFORMANCE AUDIT RELATING TO POWER SECTOR PSUS

Audit Report (PSUs) for the year ended 31 March 2018

30

Introduction

2.1 Assam Power Distribution Company Limited (Company) which

undertakes distribution of electricity in the State was formed (23 October 2009)

after the unbundling of the erstwhile Assam State Electricity Board. As on 31

March 2018, the Company had 43.28 lakh consumers comprising of two broad

categories, namely low-tension (LT1) and high-tension (HT

2) consumers. The LT

and HT consumers were being billed under 158 Electrical Sub-Divisions (ESDs)

and 17 industrial revenue collection areas (IRCAs) of the Company. All the

consumers (both HT and LT) received power from the sub-stations functioning

under the control of ESDs. The Company billed and collected revenue from

consumers against the electricity supplied as per the Schedule of Tariff (SoT) issued

by the Assam Electricity Regulatory Commission (AERC) from time to time. The

Company was operating with the system of billing and collection of revenue through

the following two billing applications:

• Power Computerised Billing System: It was a decentralized billing

system being used for billing and collection purpose since 2003-04. As on 31

March 2018, around 79.52 per cent (34.42 lakh consumers) of total consumers

were being billed through this application. During 2013-18, the Company billed a

revenue aggregating ` 9,507.42 crore through this application.

• SAP: SAP is a software application in data processing where SAP stands

for System, Application and Products. SAP based billing application was

developed by Tata Consultancy Services (TCS) with Oracle as the database on a

centralised platform comprising of four Modules namely, Meter Billing

Collection (MBC), Customer Relationship Management (CRM), Web Self

Service (WSS) and Energy Audit (EA). The primary database server of SAP

based billing system was located at Data Centre, Guwahati while the Disaster

Recovery Centre (replica of Data Centre) was situated at Agartala. SAP was

introduced (March 2013) after implementation of Restructured Accelerated Power

Development and Reforms Programme (R-APDRP3) of the Government of India

(GoI). The R-APDRP scheme was implemented within the confined area of a town

termed as ‘Ring-fenced area’4. Initially the consumers5 falling within this area

were selected for migration from Power Computerised Billing System (Power

CBS) to SAP and those falling outside the said area continued to be billed through

Power CBS. As HT consumers were the primary source of revenue for the

1 Consumers having connected load below 20 Kilowatt

2 Consumers having connected load of 20 Kilowatt and above

3 R-APDRP is a central sector scheme approved by Ministry of Power, Government of India.

4 An imaginary boundary line demarcated through installation of import/export meters at the

boundary for the purpose of energy audit. 5 Both LT and HT

Chapter II – Performance Audit relating to Power Sector PSUs

31

Company and their migration to SAP ensured centralised monitoring of revenue

billing, all HT consumers were migrated from Power CBS to SAP irrespective of

the fact whether these consumers are covered within or outside the Ring-fenced

area. As on 31 March 2018, the Company had total 8.86 lakh6 consumers (20.48

per cent of total consumers) being billed through SAP. The Company billed a

total revenue of ` 9,041.21 crore during 2013-18 through this application.

The status of billing application used in ESDs and IRCAs as on 31 March 2018

was as shown in Table 2.1.

Table 2.1: Details of usage of Power CBS & SAP

Source: information furnished by the Company

The Company was in the process of migrating all its remaining LT consumers to

SAP. For this purpose, the Company had already prepared (November 2017) a

Detailed Project Report (DPR) while the Request for Proposal (RFP) was under

preparation. After preparation of RFP, the Company would be initiating the

tendering process for migration of LT consumers from Power CBS to SAP.

Organisational Structure

2.2 The organisational structure of the Company dealing with the billing

application has been depicted in the chart below:

6 8.69 lakh LT and 0.17 lakh HT consumers

Billing Units Billing Application

Total Power CBS SAP Power CBS & SAP

Electrical Sub-divisions

(in numbers) 68 17 73 158

Industrial Revenue Collection

Area (in numbers) Nil 17 Nil 17

System implementer:

M/s Tata Consultancy

Services

Nodal Officer, R-APDRP Cell

Assistant General Manager (IT)

Deputy Manager (IT)

Managing Director

Assistant Managers (IT)


32

Scope of Audit

2.3 The present Report covered the audit of the performance of SAP System

during the period from April 2013 to March 2018. As the SAP was a centralized

billing application, the System existing in all ESDs and IRCAs was identical.

Hence, the selection of any ESDs/IRCAs in terms of software application would

not make any difference excepting the verification of Physical, Logical and

Environmental Controls. Considering this, 6 out of 17 ESDs7 and 5 out of 17

IRCAs where SAP was fully implemented were selected for detailed scrutiny for

the present audit. The number of consumers and connected load formed the basis

of selection of samples. The details of the total number of consumers and the

connected load as on 31 March 2018 in respect of selected ESDs and IRCAs have

been shown in Table 2.2.

Table 2.2: Details of consumers/connected load as on 31 March 2018 in respect of

selected ESDs/IRCAs

Sl. No. Name of ESD/IRCA No. of consumers Connected Load (in KW)

1. Jalukbari ESD 27,351 52,454

2. Garbhanga ESD 26,677 74,868

3. Jorhat ESD 25,010 76,413

4. Basistha ESD 22,313 74,893

5. Kalapahar ESD 21,226 55,534

6. Nagaon ESD8 20,628 36,377

7. Guwahati IRCA - I 2,863 3,83,977

8. Jorhat IRCA 1,051 1,47,067

9. Guwahati IRCA - II 1,032 2,51,500

10. Nagaon IRCA 898 1,10,861

11. Tinsukia IRCA 716 1,47,380

Sample 1,49,765 14,11,324

Sample size in per cent 489 5210

Source: Information furnished by the Company

Audit Objectives

2.4 The audit objectives of the present performance audit were to assess

whether:

• appropriate methodology for development and implementation of SAP

was adopted;

7 Out of total 158 ESDs of the Company, SAP system was fully implemented only in 17 ESDs

8 Selected additionally being the pilot project of SAP based billing application.

9 1.5 lakh consumers (Sample) out of total 3.13 lakh consumers in 17 ESDs and 17 IRCAs

10 14.11 lakh KW (sample) out of total connected load of 27.04 lakh KW in 17 ESDs and 17

IRCAs


33

• desired results were achieved by implementing all the four Modules of the

SAP based billing application;

• the business rules were correctly mapped and the System was customized

in conformity with these rules; and

• adequate controls existed to ensure data integrity and security in the

System so as to maintain business continuity plan.

Audit Criteria

2.5 The audit findings were benchmarked against the criteria derived from the

following sources:

� Electricity Supply Code and Related Matters Regulations (Regulations)

issued by Assam Electricity Regulatory Commission (AERC) from time to time;

� Schedule of Tariff issued by AERC;

� User manual of SAP;

� Letter of Award, Request for proposal, Software requirement

specifications; and

� Information Technology Audit Manual

Audit Methodology

2.6 The Audit methodology adopted for attaining the audit objectives involved

explaining the audit scope, audit objectives, audit criteria etc. to the top

management of the Company in the Entry Conference (11 May 2018). During the

conduct of audit, front-end view, access to portal along with data in excel,

Comma-Separated Values (CSV) and text format of SAP System of the Company

were scrutinized. The bills processed during 2016-17 and 2017-18 were analysed

using software tools namely Interactive Data Extraction and Analysis (IDEA), and

Excel to check integrity (accuracy and completeness), compliance (with rules and

regulations) and reliability of the billing data. Besides, Physical verification of IT

system in selected ESDs/IRCAs was also carried out during the course of audit.

The draft audit report was discussed (20 November 2018) with the representatives

of the GoA, Company and the System Developer (Tata Consultancy Services

Limited) in the Exit Conference. The formal replies (2 November 2018) of the

Company to the draft audit report as well as the views expressed by the

representatives of GoA and the Company in the Exit Conference, have been taken

into consideration while finalising the audit report.


34

Acknowledgement

The Indian Audit and Accounts Department acknowledges the cooperation of the

Government/Company for providing necessary information and records during

the course of the audit.

Audit Findings

General Controls

General controls include controls over Data Centre operations, system software

acquisition and maintenance, access security and application system development

and maintenance. Thus, general controls create the environment in which the

application systems and application controls operate.

Project proposal, planning and documentation

2.7 A feasibility study is essential to determine the viability of implementing

any project taking into account the legal, technical as well as economical aspects.

A proper feasibility study at pre-planning stage tells us whether the intended

project is doable and worth the investment. It was, however, observed that the

Company had not conducted any feasibility study before taking up

computerisation of billing system. It was, further observed that while

implementing the new billing system, the process of migration of consumer data

from Power CBS (old system) to SAP System was not documented. As a result,

the inception process of the project could not be verified by Audit.

Further, for effective monitoring of implementation of any project, a competent

Steering Committee comprising of representatives of the intended Users from all

areas of the business including the IT department was required to be in place. The

future direction in the course of implementation and improvement of system

agreed to by the Steering Committee is normally set out in a document known as

the IT strategic plan. Audit observed that no such Steering Committee was in

existence in the Company to guide the whole process of computerisation of billing

system.

During the Exit Conference (20 November 2018), the Government/Company

accepted the facts and stated that SAP was introduced under R-APDRP and

implemented in other States of the Country as well. Hence, the Company

presumed that SAP system would be feasible to implement. It was further stated

that no major issues as such, were faced by the Company due to non-conducting

of feasibility study. As regards the absence of Steering Committee, it was stated

that the IT Cell monitored the process of computerization. It was further added

that initially there were only two members in IT Cell and as such, the records


35

relating to formation of IT Cell were not documented properly. At present, the IT

Cell was having about 50 members to monitor the IT process and assist the field

units in their billing related issues.

The contention of the Government/Company for not conducting feasibility study

was not acceptable in view of the fact that the IT system requirements vary from

State to State due to variation in their existing IT setup, applicable Rules,

Regulations etc. As regards non-existence of Steering Committee, the reply itself

indicated that IT cell was not sufficient to monitor the process of computerisation,

which eventually led to improper documentation of various stages of SAP

implementation.

Thus, absence of a proper feasibility study before implementing SAP system as

well as non-documentation of the process of migration of data from Power CBS

to SAP indicated deficient planning of the Company with regard to development

and implementation of SAP System.

Recommendation No.1: The Company should keep proper documentation of the

migration process of data while augmenting the new System to the left out LT

Consumers.

Dependency on old system of billing

2.8 As per Clause-3.9 of Section-G111

of the Work Order, the work scope of

the system developer (TCS12

) included migration of the historic transactions for at

least three years from Power CBS to SAP. On verification of SAP application in

the selected 6 ESDs and 5 IRCAs, Audit observed that although the historic data

were migrated for three years, the same could not be opened and viewed in the

new System. As a result, the IRCAs/ESDs had to access the required data through

the old billing system (Power CBS) whenever necessary. The above contention

was confirmed during the field inspection of 6 ESDs and 5 IRCAs conducted by

Audit. During the said field inspection, the Company officials had mentioned

about the old court cases, when the ESDs/IRCAs had to trace out the details of the

consumers concerned (such as connected load and consumption) from the old

billing system. It was informed by the Company officials that due to non-

availability of said records in the new billing system, ESDs/IRCAs had no other

option but to depend on old billing system.

In the Exit Conference (20 November 2018), the Government/Company stated

that the Company had not felt the necessity to open and view all the past details of

bills as the same would have overloaded the system and hampered normal

business processes. It was further stated that to resolve any issue arising from old

11

General-Technical Specification of Letter of Award. 12

Tata Consultancy Services Limited.


36

court cases, the historical data would be saved in centralized data bank for any

future requirement.

The fact, however, remained that the historic data though migrated, was of no use

for the field units due to its inaccessibility in the new system. This defeated the

prime objective of migration of data from Power CBS to SAP.

Recommendation No. 2: The issue of inaccessibility of migrated data should be

addressed so that the field units do not need to depend on old billing system in

case of any need.

Training of Users

2.9 Training and development of manpower were closely linked with staff

resource planning. The training to staff by the Company on regular basis was

essential to fulfil the requirement of changing IT environment, which was a

continuous process.

Audit observed that the Company had not imparted any formal training on SAP

with its regular employees (intended System Users) in 4 out of 5 IRCAs and 2 out

of 6 ESDs test checked. As such, the Users were completely dependent on the IT

personnel of the Company and TCS for operating the new System. This led to

various anomalies in operation of the application by the Users as discussed in the

succeeding paragraphs:

Manual preparation of temporary connections bills

(i) As per tariff provisions, temporary connections (TC) were those against

which the electricity was supplied for a period not exceeding one month. During

field inspection of six selected ESDs by Audit, it was observed that though the

provision for processing of temporary connections bills was incorporated in the

system, five out of six selected ESDs did not process the temporary connections

bills through SAP system due to lack of adequate training to its staff. On the

contrary, it was noticed that the temporary connection bills in said five ESDs were

being prepared manually thereby leaving ample scope for human errors in

preparation of bills.

On verification of 230 cases of temporary connection under 5 ESDs, it was

observed that in 13 cases, there was short billing of ` 9,653 due to application of

incorrect tariff, calculation mistakes and short levy of electricity duty. In another

26 such cases, there was excess billing of ` 1,733 due to calculation mistakes,

excess levy of electricity duty etc.


37

Manual preparation of assessment bills

(ii) On detection of various malpractices such as theft/misuse of electricity,

meter tempering, hooking and excess connected load, the Company was to

prepare assessment bills as per the methodology prescribed by Assam Electricity

Regulatory Commission (AERC) and serve the same to the consumer for

payment. Audit observed that though the provision for processing of assessment

bills was incorporated in the System, 5 out of 6 ESDs and 3 out of 5 IRCAs test

checked did not process assessment bills through SAP and these bills were

prepared manually. Out of 378 theft/misuse cases verified by Audit, anomalies

such as application of incorrect tariff/formula/electricity duty/energy

charges/meter rent were noticed in 56 cases leading to short-billing of ` 19.97

lakh.

As evident from the above, the Company failed to eliminate billing errors due to

the existence of human intervention in preparation of bills even after

implementation of SAP.


stated that training was imparted selectively based on the concept of training of

trainers. It was, however, assured to impart required training with the System

Users wherever necessary. As regards the manual processing of bills, the

Government/Company stated that henceforth, all bills would be processed through

SAP system.

The reply was not tenable as the system was meant to be used by all the field

units, as such the choice of selective training was not justified. Further, there was

also failure on the part of the Company to address the instances of preparing the

bills manually by evaluating the effectiveness of training.

Thus, absence of proper training of the intended System Users had led to

existence of manual system of billing defeating the basic objective of the SAP

system.

Recommendation No. 3: Adequate training should be imparted to the System

Users so as to eliminate the scope of manual billing.

System Design Deficiencies

On review of the SAP application through data entry screens as well as the

analysis of data received from the Company, the following system design

deficiencies were noticed:


38

Meter Billing Collection (MBC) Module

Absence of vital business logic in the system

2.10 Clause 4.2.2.4 of the AERC Regulations stipulated that where actual meter

reading cannot be ascertained, the assessed quantity of energy consumed shall be

determined by taking the average consumption for the previous three months,

preceding the date on which the defect was detected or the next three months after

correction of the defect, whichever was higher.

Audit observed that the System was enabled to calculate the average consumption

for the previous three months automatically in case the meter became defective.

The System, however, had no provision to calculate revised average consumption

for next three months after correction of meter defect. Hence, in all such cases,

IRCAs/ESDs concerned had been doing this exercise manually. Further, the

system did not give any alert for raising of the supplementary energy bill in case

the revised average consumption for three months after rectification of meter

defect was higher than the average consumption of previous three months. During

the conduct of audit, 22 cases of defective meters relating to 3 IRCAs were test

checked, Audit observed that the revised average consumption in 5 out of

22 cases was higher than the previous average consumption. In absence of above

business logic in the system, supplementary bills were not served to the

consumers concerned resulting in short billing of revenue aggregating ` 32.40

lakh by the Company.

During the Exit Conference (November 2018), the Government/Company

accepted the facts and stated that the Company would incorporate necessary

provision in the system to raise alert in case the revised average consumption

(after replacement of meter) of any consumer recorded higher than the previous

consumption so that the consumers could be served with supplementary bill

through the system without manual intervention.

The fact, however, remains that design deficiencies in SAP system made it

unreliable for the purpose of raising supplementary bills.

Recommendation No. 4: Issue of supplementary bills after replacement of meter

is a normal practice in electricity business. Hence, the Company needs to rectify

the system defect at the earliest to avoid further loss of revenue .The Company

should internally examine similar issues in other IRCAs also.

Failure to establish interface with Common Meter Reading Instrument

2.11 As per Clause M15 of the Metering Module of Software Requirement

Specifications (SRS), the system should support the data downloading and

uploading from Common Meter Reading Instrument (CMRI). During field


39

inspection (June-July 2018) of 5 out of 17 IRCAs test checked, Audit observed

that the data of HT consumers captured through CMRI in all the 5 IRCAs were

first downloaded to computers and then the meter reading data were manually fed

into the SAP system. The methodology adopted by the Company leaves the scope

for error while feeding the meter reading data manually into the System. As such,

the correctness and the accuracy of the consumption data maintained in SAP

could not be assured.


stated that the provision of data downloading/uploading from/to CMRI in the

system had already been implemented. The Government/Company, however,

could not provide the exact date of implementation of the said supporting

provision to Audit. The Government/Company further accepted that some CMRIs

could not be interfaced with SAP due to compatibility issues.

The reply was not acceptable as the SAP system failed to establish interface with

CMRIs as on January 2019 as confirmed by field unit.

Recommendation No. 5: The Government/Company needs to address the

compatibility issues between SAP and the CMRIs to rule out the scope of any

human intervention in recording of the meter reading data into the System. The

Company should internally examine similar issues in other IRCAs also.

No provision for automatic calculation of processing fee

2.12 AERC specified (November 2017) rates of processing fees applicable for

various operations such as change in name/category/load of the consumer on

payment of the processing fees ranging between ` 20 to ` 5,000. Audit observed

that the System design was not enabled to calculate the processing fee

automatically in case of change in the load/name/category/phase of the consumer.

As such, the processing fee for any change in the consumer details was being

entered manually in the System leaving a scope for human errors. In 122 out of

301 cases of change in the load/name of the consumers in respect of five13

out of

six ESDs test checked, a short levy of processing fee of ` 14,950 was observed in

audit. Similarly, there was also excess levy of processing fee of ` 5,560 in another

53 cases test checked by Audit under the said 5 ESDs.

Thus, business rules were not properly programmed in the system, which allowed

the Users to enter processing fees manually. As a result, the System could not

ensure collection of processing fee in accordance with the provisions of AERC

Regulation.

13

Out of 17 ESDs where SAP was fully implemented


40


accepted the facts and stated that the processing fee as prescribed by AERC

would be incorporated in the System to avoid such error in future.

The fact, however, remains that the Company kept the system for collection of

processing fee at the User’s choice, which led to violation of AERC Regulation.

Recommendation No. 6: The processing fees prescribed by AERC for various

purposes should be incorporated in the system immediately to eliminate the scope

for errors. The Company should internally examine similar issues in other ESDs

also.

Incorrect conversion of connected load from KW to KVA

2.13 As per the Schedule of Tariff (SoT), four categories of consumers (i.e. HT

Domestic, HT Commercial, HT Public Water Works and HT Small Industries

category) did not have a choice to opt separately for the Contract Demand.For the

purpose of levying the fixed charges in the case of said four categories of

consumers, the Contract Demand was to be worked out automatically through

system by converting the Connected Load (in KW) into Contract Demand (in

KVA). As such, the System should have been enabled to derive the Contract

Demand (KVA) of the said consumers through conversion of the Connected Load

(KW) after applying the power factor of 0.85. The fixed/demand charge

should accordingly be levied in the System for the said four categories of

consumers based on the Contract Demand so derived from the Connected Load

(100 per cent).

It was, however, seen that the convertible value of KW into KVA was entered

into the System manually, which led to determination of incorrect Contract

Demand and levying of incorrect fixed/demand charges on consumers. Analysis

of 58,861 transactions relating to 5,325 HT consumers in 17 IRCAs for the period

2016-17 revealed that the Contract Demand of the consumers was not correctly

entered into the System. In 3,063 cases pertaining to 270 consumers under

15 IRCAs, Contract Demand corresponded to 46 to 99 per cent of the Connected

Load. The understatement was in the range of 1 KVA to 311 KVA due to which

the Company short-billed an amount of ` 35.40 lakh towards fixed/demand

charges during 2016-17 against these consumers.

Further, the Contract Demand in other 5,231 cases pertaining to 496 consumers

under 17 IRCAs corresponded to 101 to 270 per cent of total Connected Load

resulted in overstatement of Contract Demand in these cases. The Contract

Demand of the consumers was overstated in the range of 1 KVA to 99 KVA due

to which there was excess billing of fixed charges by ` 9.67 lakh.


41

Thus, absence of automatic conversion of KW in KVA rendered the system

unreliable for the purpose of calculating fixed charges in respect of the above

mentioned four categories of HT consumers.

During Exit Conference (20 November 2018), the Government/Company

accepted the facts and assured to rectify the defect in the System to avoid revenue

loss in future.

Recommendation No.7: The provision for auto-conversion of Connected Load

(KW) into Contract Demand (KVA) for the relevant categories of consumers

should be incorporated in the system immediately so as to eliminate reoccurrence

of such errors.

Processing of bills ignoring the basic logic

2.14 The electricity bill of a consumer should have been processed considering

the basic logic that a consumer with a connected load of 1 KW could consume a

maximum of 720 kwh14

in 30 days even if the consumer uses the full load

24 hours a day.

Audit observed that the System allowed processing of electricity bills ignoring

this basic logic. Analysis of data revealed that one LT domestic consumer

(No. 51000348063) having connected load of 1 KW was served with a bill for

99,428 KWH consumption for 31 days instead of a maximum possible

consumption of 744 KWH.


accepted the observation and assured to incorporate necessary provisions in the

billing system so that a small consumer was not billed for abnormally high

consumption ignoring the basic logic.

Recommendation No. 8: The system should allow to process bills only after

considering the basic logic. To ensure this, the Company needs to incorporate

proper provision in the system with the help of system developer.

Mismatch of bill format

2.15 Analysis of bill format issued to the consumers revealed that some of the

basic consumer details like service connection number, billing status

(regular/assessed/provisional bill), previous payment details etc. were not

incorporated in the monthly electricity bill in violation of Clause 6.3.5 read with

6.3.13 of AERC Regulations.


stated that there were some practical difficulties in setting of the bill format. The

14

1 KW x 24 Hours x 30 Days = 720 KWH


42

Government/Company, however, assured to modify the billing format shortly so

as to include all the relevant particulars in the electricity bill as far as practicable.

Recommendation No. 9: The Company needs to modify the billing format

immediately so that the bills generated through SAP system includes all relevant

details of consumers as prescribed by AERC.

Customer Relationship Management (CRM) module

Pending updation of Geographical Information System (GIS) database

2.16 As per the advisory issued by Power Finance Corporation Limited15

, it

was essential for the Company to have up-to-date GIS asset and consumer

information in the GIS repository at all times. Further, as per the Software

Requirement Specifications (SRS16

), while releasing a new service connection, a

request with information on connected load, connection type, consumer ID and

other details were to be transmitted through the System from the CRM Module to

GIS module. This exercise was essential to confirm whether the distribution

transformer (DTR) and feeder from which the connection was to be allowed had

the required capability to release the desired load to the consumer. In response to

such request, a Load Flow Analysis (LFA) Report was to flow from GIS to CRM

containing information on DTR Capacity/Loading, GIS feasibility (either positive

or negative), etc. and the said information/fields were to be stored in service

contract item.

Audit observed that the Company had never updated the GIS database for

ongoing changes in electrical network and consumers in field, which was a

continuous process. As a result, the GIS mapping of assets and consumer

information prepared for the project areas became outdated. Due to outdated GIS,

the ESDs had been by passing the requirement of load flow analysis by selecting

the option ‘Network feasibility not required’ at the time of releasing new service

connections in SAP. As such, new service connections were being released

without getting any LFA report from the GIS. Audit further observed that out of

456 new service connections released by 6 ESDs17

during April 2017 to June

2017, 396 connections (86.84 per cent) were released from overloaded DTRs. The

overloading of DTRs could result in increase in distribution losses as well as

possibilities of frequent breakdown of DTRs.

During Exit Conference (20 November 2018), the Government/Company assured

to explore the possibility of updating the GIS database so that no new connection

was released from overloaded DTRs.

15

A Government of India PSU appointed as Nodal Agency for implementation of R-APDRP

scheme under the guidance of Ministry of Power, Government of India. 16

Condition NC9 and NC26 of CRM module 17

Out of 17 fully SAP based ESDs


43

The fact, thus, remains that due to absence of up-to-date GIS database, the

Company could not ensure the connected load of distribution transformers at

optimum level.

Recommendation No. 10: The Company needs to ensure regular updation of the

GIS database for successful implementation of CRM module.

System alert message for delay in issuing new connection

2.17 As per Clause 3.5 of AERC Regulations, the maximum prescribed time

limit for the new connection release in urban areas was 30 days from the date of

submission of registration form provided no extension work to existing network

was required and the pole distance from the premises of the consumer was less

than 30 meters.

Audit observed that the provision for generating alert message in case of delay in

release of connection was not incorporated in the system to facilitate timely

release of new connections. Audit observed that in 6 ESDs test checked, 650 out

of 1,366 service connections released during December 2017 to March 2018 had

been delayed for periods ranging from 1 to 840 days. Hence, timely release of

new service connections could not be ensured due to absence of necessary alert

system.


assured to take necessary action in the matter to address the issue.

The fact, thus, remains that in absence of necessary alert system, the Company

could not release new service connections within the prescribed time limit.

Recommendation No. 11: The existence of necessary alert system helps in timely

release of new service connection. The Company needs to incorporate the same in

the system immediately to maximize consumer satisfaction. The Company should

internally examine similar issues in other ESDs also.

Web Self Service (WSS) Module

Designing of web portal and its associated facilities

2.18 The WSS Module was mapped in the portal18

to provide a high quality

experience for the consumers and make it easy for them to communicate with the

Company through the web instead of direct phone calls or visits. The portal also

acted as a source of information for the consumers regarding policies and

procedures of the Company. On checking of WSS Module, the audit observed the

following:

18

www.apdcl.org


44

• The web page contained the brief description about the Company, its

mandate, Board of Directors, power map, tariff rates, applicable Acts and Rules

etc. Login component was present and registered Users could login using the

username and password. New Users could also register by clicking on the ‘First

Time Users Register’ link. The ‘Forgot Password’ link was meant to help the

Users to retrieve their password. Further, the facility to lodge complaint and track

its status by the applicant also existed in the System.

• The portal facilitated for online application of new service connection

along with the option to upload scanned copies of necessary documents such as

passport, photo, affidavit, proof of ownership etc. The applicants could also check

their application status. The consumer could also make online payment of

electricity bills through various modes such as net-banking, debit/credit card,

NEFT/RTGS and e-wallets.

• The portal contained various interactive features, such as, Frequently

Asked Questions (FAQ), email facilities, feedback forms, presence of social

media links (facebook, twitter etc).

Hence, the web portal of the Company was appropriately designed duly

incorporating all possible provisions in the System as far as practicable to provide

quality experience to its consumers, thereby increasing the consumer satisfaction.

Energy Audit (EA) Module:

Anomalies in generation of Energy Audit Report

2.19 The purpose of implementing the Energy Audit (EA) Module was to

monitor important distribution parameters, capture hierarchical view of energy

accounting, intelligent analysis tools for plugging loopholes and identifying

revenue leakage and calculate/identify technical and commercial losses.

Audit observed that the system facilitates for EA at three levels19

. Ideally the

energy injected into the system should be either equal to or greater than energy

billed. On analysis of Energy Audit Report of 6,140 DTRs for the month of

March 2018 in respect of four project areas20

, Audit observed that in case of 2,533

DTRs, energy injected figure was recorded as 'Zero' while energy billed against

these DTRs was 35.02 MU which was not realistic. Similarly, in case of another

124 DTRs, the energy injected figure (i.e. 0.73 MU) was less than the energy

billed figure (i.e. 2.12 MU) which was not possible and indicated the existence of

defects in the System.

19

Project area wise, Feeder wise and DTR-wise 20

Guwahati, Nagaon, Jorhat and Tinsukia


45

The Company accepted the facts and stated (November 2018) that it would look

into the matter and resolve the issue at the earliest.

The fact, however, remains that the DTR wise energy audit reports generated by

the System were not reliable and the same could not be used as analysis tools for

plugging loopholes and identifying revenue leakage.

Recommendation No. 12: The Company needs to rectify the deficiencies in EA

module immediately so that the system would generate correct energy audit

reports which can be used for further analysis purpose.

Mapping of business rules

The Company mapped business rules in the billing system in accordance with the

AERC Regulations and Schedule of Tariff (SoT) issued by AERC. Audit

observed the instances where business rules were not properly mapped as

discussed in the following paragraphs:

Meter Billing Collection (MBC) Module

Excess billing of Power Factor penalty

2.20 The Power factor (PF) is an indicator of the quality of design and

management of an electrical installation and the same is worked out as a ratio of

the total kilowatt-hour (KWH) to kilo volt-ampere hour (KVA) supplied during a

given period. The PF was recorded electronically by the energy meters and the

same was taken into account while preparing the bill of a consumer. As per SoT,

PF penalty at different slabs was to be levied on the consumer in case the monthly

average PF of the consumer ranged between 85 and 30 per cent. Hence, as per the

SoT, no PF penalty was leviable in case the PF fell below 30 per cent.

On analysis of 77,385 transactions of 6,969 HT consumers21

of 17 IRCAs for the

year 2016-17, Audit observed in 2,933 transactions pertaining to 618 consumers

under 17 IRCAs, PF penalty was imposed even though the PF fell below

30 per cent in violation of SoT. As a result, there was excess billing of PF penalty

amounting to ` 20.56 lakh.


accepted that any penalty imposed not backed by any Rule/Act was irregular. The

Government/Company, however, assured to take up the matter with AERC for

their opinion.

The fact, however, remains that the logic for imposing power factor penalty was

mapped ignoring the provisions of SoT issued by AERC. 21

Six categories: HT Domestic, HT Commercial, Public Water Works, Bulk Supply

(Government), Bulk Supply (others), HT Small Industries category


46

Recommendation No. 13: The Company needs to map the business rules strictly

in adherence to SoT/AERC Regulations.

Non-incorporation of provision for minimum contract demand

2.21 As per SoT, the HT consumers under Tea, Coffee, Rubber category could

opt for seasonal tariff (April to August) or off-season tariff (September to March)

as per their convenience.

To avail the above option, the Contract Demand of such consumers

during seasonal and off-season period, should be at minimum prescribed level of

65 per cent and 26 per cent of the Connected Load respectively. Audit observed

that the provision regarding minimum Contract Demand for seasonal and off-

season period was not incorporated in the System. As a result, SAP system

allowed fixing Contract Demand below the minimum prescribed level in violation

of SoT.

The analysis of 4,261 transactions of 865 consumers under 17 IRCAs for the

period April 2016 to August 2016 revealed that in 83 transactions pertaining to

19 consumers under 7 IRCAs, the seasonal Contract Demand ranged between

25 and 64 per cent of total connected load against minimum Contract Demand of

65 per cent leading to short-billing of ` 7.89 lakh in the form of demand charges.

Similarly, out of 6,036 transactions of other 885 consumers under 17 IRCAs, in

19 transactions pertaining to 10 consumers under 6 IRCAs for the period

September 2016 to March 2017, the off-seasonal Contract Demand ranged

between 16 and 25 per cent against minimum contract demand of 26 per cent

of total connected load. As a result, the Company short-billed an amount of

` 0.90 lakh in the form of demand charges.


assured to look into the matter and incorporate the necessary provisions for

seasonal and off-seasonal demand in case of Tea, Coffee & Rubber category of

consumers.

Recommendation No. 14: The provision for minimum contract demand for

seasonal and off-season consumers under HT Tea, Coffee and Rubber category

should be incorporated in the system immediately to avoid further loss of revenue.

Wrong categorization of consumers due to lack of validation check

2.22 Proper categorization of consumers was essential for ensuring correct and

accurate billing of energy supplied so as to eliminate any scope for under or over

recovery of electricity charges. To achieve this, the System should have proper

validation checks of data with reference to the applicable category and Connected

Load/Contract Demand of the consumer. Audit observed that there was absence


47

of data validation checks in the System due to which the following cases of wrong

categorization came to the notice of Audit:

(i) As per SoT, the consumers (exclusively domestic) having Connected Load

of (i) below 5 KW and (ii) 5 KW or more but below 20 KW; were to be

categorized as ‘Domestic-A’ and ‘Domestic-B’ consumers respectively. The

applicable tariff in case of Domestic-B category was higher than that of

Domestic-A category of consumers.

Audit observed that 1,485 consumers having Connected Load in the range 5 KW

to below 20 KW during the year 2016-17 under all 17 ESDs22

were billed as

Domestic-A instead of Domestic-B category in violation of SoT due to wrong

classification of consumers in the System. As a result, the Company short-billed

an amount aggregating ` 12.21 lakh in respect of these consumers. Besides, these

consumers had also irregularly availed the benefit of Government subsidy of

` 6.91 lakh despite their being not eligible for the same.

(ii) Similarly, as per SoT, the industrial consumers having Contract Demand

between 25 to 50 KVA and 50 to 150 KVA were to be categorized as ‘HT-Small

Industry’ and ‘HT-I Industry’ respectively. The applicable tariff was accordingly

higher in case of HT-I Industry category.

On analysis of 11,477 transactions of 1,042 HT Small Industry consumers in 17

IRCAs, it was noticed that in 26 transactions of 3 consumers in 3 IRCAs,

categorisation was wrongly done in the System as HT-Small Industry instead of

HT-I Industries during the year 2016-17. As a result, the Company short-billed an

amount of ` 2.10 lakh due to billing the consumers at lower tariff.

(iii) As per SoT, the industrial consumers having Contract Demand between

50 to 150 KVA and above 150 KVA were categorized as ‘HT-I Industry’ and

‘HT-II Industry’ respectively. Accordingly, the tariff was higher in case of HT-II

Industry category.

On analysis of 1,621 transactions of 153 HT-I Industries consumers in 15 IRCAs

for the year 2016-17, it was seen that 57 transactions of 9 consumers under 7

IRCAs were wrongly categorized under HT-I Industries instead of HT-II

Industries. As a result, there was short billing to the extent of ` 9.56 lakh in these

cases.

Further, on analysis of 637 transactions of 69 HT Industries consumers for the

year 2016-17 in 12 IRCAs, it was seen that 10 transactions of 3 consumers in 1

IRCA were wrongly categorized as HT-II Industries instead of HT-I Industries.

As a result, there was excess billing of ` 2.15 lakh against these consumers.

22

Where SAP was fully implemented


48

Therefore, lack of proper validation checks in the system resulted in wrong

categorisation of consumers. This led to incorrect billing and grant of government

subsidy to ineligible consumers.


stated that at present, necessary validation checks have been placed in the System

to maintain proper rate category in accordance with Connected Load/Contract

Demand of a consumer. The Government/Company further assured to explore the

possibility of recovering the short-billed amount from the consumers, which

occurred due to incorrect classification of consumers.

The fact, however, remains that the Company suffered loss of revenue due to

absence of proper validation checks in the system.

Recommendation No. 15: The Company needs to recover the short-billed amount

from the consumers concerned, which had occurred due to wrong categorization

of consumers. The Company should internally examine similar issues in other

ESDs also.

Anomalies in calculation of revised security deposit

2.23 Clause 6.2.1.2.1 of the AERC Regulations stipulated that the amount of

security deposit obtainable from a consumer should be reviewed every year based

on the actual consumption of the consumer during the previous year. The

consumer was accordingly required to pay additional security deposit or be

refunded any excess amount of security deposit held by the Company beyond the

stipulated amount.

Audit observed that although the System was enabled to calculate the revised

security deposit, the security deposit of consumers were revised through SAP

system only in 223

out of 5 IRCAs test checked. In the remaining 3 IRCAs,

however, the security deposit was revised manually as and when required. In this

connection, following anomalies were noticed:

(i) Refundable logic at the choice of the user: The logic for demand/refund

of the security deposit should have been automatically processed and adjusted in

the monthly bills by the System. On analysis of data, relating to the security

deposit of 2,805 consumers revised through SAP in respect of Guwahati IRCA-I

for the year 2016-17, Audit observed that in respect of 767 consumers, the

company held a security deposit amount, which was higher than the revised

security deposit calculated by the System. The differential amount of ` 10.93

crore was, however, not refunded to the consumers through adjustments in

subsequent electricity bills. Similarly, on analysis of data relating to security

23

Guwahati IRCA-I (2015-16 and 2016-17) and Tinsukia IRCA (2016-17)


49

deposit of 511 consumers revised through SAP in respect of Tinsukia IRCA for

the year 2015-16, Audit observed that the System failed to refund ` 1.09 crore

through automatic adjustment in electricity bills in respect of 73 consumers whose

revised security deposit was less than the original security deposit.


stated that there was option of refund of excess security deposit in the System and

the same was placed at the disposal of the field offices. The

Government/Company further mentioned that since high rate of interest was

payable on security deposit, it was wise for the Company to refund the excess

security deposit. The Government/Company assured to attempt designing the

System in such a way that no provision of AERC Regulation was violated.

The contention of the Government/Company regarding placing the option of

security refund at the disposal of field offices was not acceptable as refund of

excess security deposit was mandatory as per AERC Regulation. Hence, any

refund of excess security deposit should have been automatically adjusted in

monthly bills in the same way as recovery of additional security deposit was

effected through adjustment in bills.

Recommendation No. 16: The Company needs to design the system in such a way

that the refund amount gets automatically adjusted in the subsequent bills of the

consumer on revision of security deposit instead of placing the same at User’s

discretion.

(ii) Non-consideration of interim payments made by consumers: The

exercise for revision of security deposit was carried out on 20 December 2017

based on the consumption for the year 2016-17. While calculating the amount of

additional security deposit, the System should have taken into account all the

payments made by the consumers towards security deposit till the date of

revision. On analysis of data relating to the security deposit of 2,805 consumers

revised through SAP in respect of Guwahati IRCA-I for the year 2016-17, Audit

observed that the system did not consider payments aggregating ` 3.39 crore

made by the 448 consumers towards security deposit between 31 March 2016 and

20 December 2017. As a result, the consumers were asked to pay additional

security deposit, which they were not actually liable for. On receipt of complaints

from consumers, the same had to be rectified by the Company manually.

The Company accepted (November 2018) that the procedure followed for not

considering interim payment for calculation of additional security deposit was

incorrect. The Company further assured to immediately re-check the logic and

rectify the same so that there were no complaints from consumers.


50

The fact, however, remains that the System kept in place for revision of security

deposit failed to ensure accuracy in calculation and hence, the same was

unreliable.

Recommendation No. 17: The System should consider all payments made by the

consumer towards security deposit till the date of revision while calculating the

amount of additional security deposit. To ensure this, the Company needs to map

the business logic accordingly with the help of system developer.

Application and Security Controls

Application controls

Application controls pertain to specific computer applications. These application

controls help to ensure the proper authorization, completeness, accuracy, and

validity of transactions, maintenance and other types of data input. The absence of

application controls such as input control and processing controls were noticed in

the SAP system, which have been elaborated under the following paragraphs:

Input controls

Acceptance of invalid PIN Codes

2.24 All the possible Postal Index Number (PIN) codes of different localities of

the State should have been incorporated in the system so as to provide an effective

validation check against the entry of invalid PIN codes for any electricity

connections. Audit observed that in 19,094 out of 21,618 transactions processed

by Basistha ESD for the month of March 2018, the PIN code was mentioned as

‘000000’ which was incorrect and should not have been accepted by the System.

This implied that there was absence of data validation check with respect to input

entry of PIN code.


assured to conduct Know Your Customer (KYC) process in all ESDs and IRCAs

to incorporate the correct PIN code in the personal details of each consumer.

Recommendation No.18: The Company needs to incorporate proper validation

checks in place to ensure acceptance of correct PIN codes by the system.

Acceptance of unusual meter numbers

2.25 To ensure the accuracy and authenticity of the data input, the System

should have appropriate in-built control for automatic check of the input data

entries. Audit observed that in 3 out of 178 consumers details (LT Domestic-A)

test checked in Basistha Sub Division for the year 2017-18, meter numbers were


51

found captured by the System with unusual patterns (viz. AS128048_1,

AS066821_1, 460862_1). As such, the possibility of processing the transactions

with arbitrary meter numbers through SAP system could not be ruled out.


stated (November 2018) that when a meter was replaced and the same meter was

reissued to a different consumer, the meter numbers were being entered in the

System with a combination of special characters and number as SAP only allowed

input entry of unique meter numbers.

The reply was indicative of the fact that there was a possibility of processing

transactions with forged meter numbers through SAP System.

Recommendation No. 19: The Company needs to address the issue of accepting

unusual meter number through appropriate modification in the system logics.

Processing controls

Processing of transactions without pole number

2.26 The LT consumers were provided the connection from a particular pole

attached to a DTR. Hence, it was essential that every LT consumer should have a

pole number assigned to it. Audit observed that in Garbhanga ESD (2017-18), 36

out of 2,96,533 transactions under LT category were processed without assigning

any pole number. In absence of the pole number details in the System, the exact

location of the consumer could not be ascertained. Further, absence of this

information in the System would also create difficulties in updating of the GIS

database.


accepted that pole number was an essential information and it must be displayed

in all the transactions of consumers. The Government/Company also assured to

look into the matter and resolve the issue at the earliest.

Recommendation No. 20: The Company needed to address the issue of

processing transactions without pole number at the earliest to overcome the

difficulties that might arise during updation of GIS database.

Processing of bills for abnormal billing cycles

2.27 Clause 6.2.6.1 of AERC Regulations stipulated that the billing cycle of

consumers should normally be 30 days. However, the billing cycle could be

extended upto 60 days in special circumstances with proper communication to the

consumer concerned. On analysis of billing data, Audit observed that

22 transactions pertaining to 10 consumers were processed by the System for a

period ranging from 116 to 1,889 days in violation of AERC Regulations.


52


stated that the provision for higher billing cycle than prescribed was kept in the

System to take care of the exceptional cases such as regularizing the irregular

connections and billing the unbilled consumers. The Government/Company

further assured to look into the issue for appropriate action.

The fact, however, remained that there was no provision in the System to indicate

the reason for processing bills beyond the prescribed billing period.

Recommendation No. 21: It is recommended that the Company should

incorporate necessary provision in the system to indicate proper reason while

processing bills for period more than the prescribed billing period.

Processing of unusual transactions

2.28 On analysis of 5,05,939 transactions of 43,881 LT consumers in Basistha

ESD for the year 2017-18, Audit observed the following unusual transactions:

• Two bills having same consumer ID (51000281910) were processed with

same bill date (7 May 2017), bill period, bill amount, kWh consumption,

document number but with different combination of previous and current reading.

This indicated existence of bill processing issues in the System providing scope

for processing more than one bill against the same document number.

• Three transactions of a consumer ID (51000289557) were processed with

doubtful meter readings, wrong calculation of energy charge, different meter

numbers and wrong consumer ID pattern etc.

• In case of ‘Zero’ consumption recorded during a billing cycle, the

consumer concerned should be billed for the minimum fixed charges. Audit

observed that in 242 transactions having ‘Zero’ consumption, no billing was done

by the System.

• In 8,352 transactions, although energy consumption was found to be

recorded as ‘Zero’, no provision in the System was present to indicate the reason

for the same.

• As the System allowed processing of unusual transactions, the possibility

of errors in billing data could not be ruled out.


assured to verify the data analysed by Audit and take appropriate steps to resolve

the issues pointed out.

Recommendation No. 22: The Company should place proper control mechanism

in the System so that there is no scope for processing of unusual transactions.


53

Output controls

Consideration of power factor with three decimal places

2.29 AERC Regulations stipulated that the PF ratio should be determined after

rounding off the figures to two decimal places. Audit observed that the System

did not round off the PF ratio to two decimal places. As a result, while processing

the bills, the digit in the third place was considered for calculation of PF

penalty/rebate leading to short and excess recovery of electricity charges. On

analysis of 77,385 transactions of 6,969 HT consumers in 17 IRCAs for the year

2016-17, Audit observed that there was a short recovery of energy charges

aggregating ` 6.01 lakh in 5,305 transactions of 2,099 consumers, while there was

an excess recovery of ` 9.44 lakh in another 7,061 transactions of 2,391

consumers.

During the Exit Conference, the Government/Company stated (20 November

2018) that the facility was provided at the disposal of the End Users to enter the

PF readings in the billing system. It was further stated that in the case of

automatic meter reading (AMR) based consumers (all HT consumers), the AMR

meters were pushing Average Power Factor Readings up to 3 Digits.

The reply was not acceptable as the SAP application should be configured to

round off the readings upto 2 decimal places so that it was processed as per the

provisions of AERC Regulation.

Recommendation No. 23: The Company should either modify the system to round

off the PF ratio to two decimal places as per AERC Regulations or in case of any

practical difficulties in modifying the system, it should pursue the matter with

AERC for necessary modification in the Regulations.

Duplicate generation of bills

2.30 On analysis of 1,77,789 transactions of 15,117 Domestic-A consumers in

Basistha ESD for the period 2017-18, Audit observed that the transactions of 341

consumers appeared 20 to 48 times against maximum possible 12 transactions in a

year considering the billing cycle of 30 days. This indicated a lack of output

control in the System leading to existence of same bill in the database for multiple

times. As a result, the System would be overloaded with unnecessary billing data

hampering its efficiency considerably.

During Exit Conference (20 November 2018), the Government/Company stated

that the data analysed by Audit would be checked for further reply from their end.

Recommendation No. 24: The Company needs to incorporate proper output

controls in the system to address the issue of generating duplicate bills.


54

Security Controls

2.31 A well-thought comprehensive IT policy demonstrates the ability of an

organization to reasonably protect all business critical information and related IT

information processing assets from loss, damage or abuse. It was, thus, important

for the Company to establish an appropriate IT policy to ensure effective

operation of the IT system and safety/security of its database. IT Policy of the

Company envisaged following two basic levels of controls:

Physical Access Controls: These controls restrict the physical access of the

System to the authorised Users only; and

Logical Access Controls: This protection mechanism limits User’s access to

information relevant to their work profile only besides restricting the forms of the

User’s access on the System to only what was appropriate for them.

Audit observed that even though the Company had implemented the computerized

billing System in the organisation, it had not devised and adopted an appropriate

IT Policy so far (December 2018). The following observations have been noticed

in this regard:

Weak Environmental Controls

2.32 For a secured IT set up, well-planned environmental controls were

necessary to protect the hardware in case of any accident or mishap including the

incidence of fire. Physical verification of IT Setup of 6 ESDs and 5 IRCAs

revealed that no fire extinguishers or fire alarm system had been installed in any

of the ESDs/IRCAs for protection against fire.

In the Exit Conference (20 November 2018), the Government/Company assured

to place fire extinguisher/fire alarm system in ESDs and IRCAs so as to maintain

a healthy environment for IT set-up in all offices.

Recommendation No. 25: It is recommended that the Company should

immediately install fire extinguishers/fire alarm system to ensure protection of the

hardware against the incident of fire.

Secured mode of login

Password Policy

2.33 The most common form of logical access control was login identifiers

(IDs) followed by password authentication. To ensure effectiveness of the

passwords, there must be appropriate password policy and procedures in place,

which should be followed by all the Users. To ensure effective control on the

access to the System, password policy could define the requirements regarding


55

minimum password lengths, forcing change of the password at regular time

intervals and automatically rejecting purely numerical passwords, etc.

Audit observed that the Company had not devised and put in place any password

policy so far (December 2018). As a result, the Users could set easy passwords

and keep the same unchanged for long periods. As such, in absence of a well-

defined password policy, the database of the Company was vulnerable against the

risk of unauthorised access and manipulation, which was not in the interest of the

Company.

In reply, the Company assured (November 2018) to incorporate an appropriate

password policy in the System binding the Users to change passwords at an

interval of every 30 days to ensure proper security of authorised User login.

Recommendation No. 26: The Company needs to formulate and adopt an

appropriate password policy to ensure security of database against the risk of

unauthorised access and manipulation.

Use of biometric devices

2.34 As per Clause 2.2 of the work order issued to the system developer, the

login in the computer systems for commercial applications like, Metering, Billing

and Collection Modules had to be only through biometrics authentication system

Audit observed that 4 out of 5 IRCAs and 4 out of 6 ESDs test checked did not

use biometric devices for login purpose. Absence of biometric authentication

system to login into the System leaves the scope for unauthorized access to data.


stated that as the login would be based on finger scanning, the same would be

applicable to a particular User. As such, in case the regular User remained on

leave, the System would not be accessible by the alternate User making it difficult

to attend the work even in case of necessity.

The reply was not acceptable as the concern of the Government/Company could

be addressed by incorporating appropriate provision in the System authorising the

alternate User with administrative privilege to access computer and perform the

job of absentee User.

Recommendation No. 27: It is recommended that the Company should adopt the

methodology of login into the system through biometric devices to eliminate the

scope for unauthorised access to data.


56

Outcome of implementation of SAP based Computerised Billing System

2.35 The main objective of implementation of SAP based Computerised Billing

System was to reduce the aggregate technical and commercial (AT&C) loss of the

Company. The Company installed SAP based billing application in case of

8.86 lakh24 (20.48 per cent) out of its total 43.28 lakh consumers in a phased

manner during the period from March 2013 to March 2016. The impact on the

performance of the Company in areas where the SAP based Centralised Billing

System was implemented improved considerably which is shown in Table 2.3

below:

Table 2.3: Details of Billing & Collection efficiency and AT&C loss after

implementation of SAP based Computerised Billing System

Year

SAP based project areas

Billing efficiency Collection efficiency AT&C loss

(in percentage)

2015-16 70.09 90.93 36.27

2016-17 82.03 98.03 19.58

2017-18 84.02 100.00 15.98

As seen from above, the billing efficiency25

of the SAP based project areas was

increased from 70.09 per cent (2015-16) to 84.02 per cent (2017-18). As regards

the collection efficiency, the same was increased from 90.93 per cent (2015-16) to

100 per cent (2017-18). Consequently, the AT&C loss of the SAP based project

areas reduced from 36.27 per cent (2015-16) to 15.98 per cent (2017-18) which

contributed in improving the overall performance of the Company.

Recommendation No. 28: Considering the significant advantages of

implementation of SAP based Computerised Billing System in respect of 8.86 lakh

consumers (20.48 per cent), the Company needs to ensure that SAP based

Computerised Billing System is extended to the remaining 79.52 per cent

consumers also at the earliest.

Conclusion

• The Company neither had conducted any Feasibility study nor had

properly documented the migration process of consumer data to new System. This

was indicative of deficient planning and implementation of the SAP System. The

24

Comprising 8.69 lakh LT consumers and 0.17 lakh HT consumers. 25

Inspite of Computerised system, billing efficiency was not 100 per cent because, the meter

reading in case of LT consumers are still done manually.


57

Company had also not provided the necessary training to the System Users

leaving scope for human intervention in its day-to-day operations, which was

undesirable and against the basic objective of the System.

• System design deficiencies existing in the Meter Billing Collection

(MBC), Customer Relationship Management (CRM) and Energy Audit (EA)

Modules led to various anomalies such as non-serving of supplementary bills,

non-interfacing with CMRI, wrong billing of fixed charges due to incorrect

conversion of KW into KVA, processing of bills ignoring basic logic, overloading

of distribution transformers, delay in release of new service connections,

generation of incorrect energy audit report etc. Besides, Geographical Information

System (GIS) was not operative in absence of regular updation. As such, the

intended benefits of implementing MBC and CRM module could not be achieved

to the desirable extent.

• Incorrect mapping of business rules coupled with inadequate validation

checks in place led to short and excess recovery of electricity charges from

consumers in violation of the Electricity Supply Code and Related Maters

Regulations and Schedule of tariff issued by AERC. Wrong categorization of

consumers, non-incorporation of minimum contract demand, inaccuracy in

calculation of power factor penalty, non-refund of excess security showed

deficiency of the billing system. The above deficiencies in the System have led to

large-scale human interventions in the billing operations of the Company

disregarding the concept of computerisation.

• The application controls of the System were not adequate for ensuring

accuracy and integrity of data. This led to processing of transactions with invalid

PIN codes, unusual meter numbers, generation of bills with NIL amount in case

of zero consumption instead of raising bills at minimum fixed charges etc.

Further, an IT Policy was not clearly defined and as such, strict enforcement of

the same could not ensure compromising with the security and safety of the

System.

Documents

Performance Audit relating to Power Sector PSUs · developed by Tata Consultancy Services (TCS) with Oracle as the database on a centralised platform comprising of four Modules namely,